SecID enables you to perform both CIS assessments and non-CIS assessments, covering security areas that fall outside the scope of the CIS framework.
SecID assessment checks for technologies have been designed by leveraging security frameworks such as CIS, NIST CSF 2.0, STIG, MITRE and ANSSI.
SecID provides support for both Microsoft and non-Microsoft technologies such as AWS, Google Cloud, Ubuntu, Apache, Oracle Database, etc.
There is no need to install multiple copies of SecID for performing assessment of technologies. Single application supports assessment of multiple technologies.
Every technology is compatible with test cases created by ANSSI, MITRE, CIS, STIG, NIST CSF 2.0, and SmartProfiler tests. Our technology professionals use the evaluations we have completed for clients worldwide as a source of knowledge when designing SecID tests.
Microsoft Cloud Technologies | ||||
Microsoft 365 Objective: Perform a complete M365 CIS Assessment using CIS and additional tests. | Azure Foundation Objective: Perform CIS Benchmark for Azure Foundattion | Azure Database Objective: Perform CIS Azure Database Assessment | Azure Storage Objective: Perform CIS Azure Storage Assessment | Azure Compute Objective: Perform CIS Azure Compute Assessment |
Azure Kubernetes Service Objective: Perfom CIS Azure AKS Assessment | Microsoft Azure Entra ID Objective: Perform Entra ID Assessment | Microsoft Azure Infra Objective: Performs Azure Infra Assessment. | Microsoft AVD Objective: Perform Microsoft AVD Assessment | Microsoft FSLogix Objective: Perform FSLogix Assessment |
InTune-iOS BYOD Objective: Perform iOS Device Assessment in Intune based on BYOD CIS. | InTune-iOS ORG Objective: Perform iOS Device Assessment in Intune based on ORG CIS | Intune for Windows 10 Objective: Objective is to check if recommended CIS GPO Settings are configured in Intune Admin Center for Windows 10 | Intune for Windows 11 Objective:Objective is to check if recommended CIS GPO Settings are configured in Intune Admin Center for Windows 11 | |
Microsoft Infra. Technologies | ||||
Microsoft Active Directory Objective: MITRE, ANSSI, CIS and MS Recommeded Assessment | PKI Assessment (Private/Internal) Objective: PKI Assessment for Private and Internal CA | Windows File Server Assessment Objective: Windows File Server Assessment for File Servers | SQL Server 2019 Objective: SQL Server Assessment based on CIS Assessment | SQL Server 2022 Objective: SQL Server Assessment based on CIS Assessment |
Windows Server 2016 Objective: Objective is to check if recommended CIS Settings are applying on Windows Servers. | Windows Server 2019 Objective: Objective is to check if recommended CIS Settings are applying on Windows Servers. | Windows Server 2022 Objective: Objective is to check if recommended CIS Settings are applying on Windows Servers. | Windows Server 2025 Objective: Objective is to check if recommended CIS Settings are applying on Windows Servers. | Intune for Windows 10 Device Objective: Objective is to check if recommended CIS GPO Settings are configured on Target Windows 10 Devices |
Intune for Windows 11 Device Objective: Objective is to check if recommended CIS GPO Settings are configured on Target Windows 10 Devices | Microsoft Windows 10 Objective: Objective is to check if recommended CIS GPO Settings are configured on Windows 10 | Microsoft Windows 11 Objective: Objective is to check if recommended CIS GPO Settings are configured on Windows 11 | Exchange Server 2016 Objective: Performs CIS Assessment | Exchange Server 2019 Objective: Performs CIS Assessment |
Microsoft IIS 10 Objective: Objective is to check if recommended CIS Settings are applying on IIS Servers | Microsoft DHCP Objective: Perform DHCP Assessment for scopes and servers | |||
Browsers | ||||
Microsoft Edge Objective: Objective is to check if CIS Edge Settings are applying to target computers. | Google Chrome Objective: Objective is to check if CIS Chrome Settings are applying to target computers. | Mozilla Firefox Objective: Objective is to check if CIS Firefox Settings are applying to target computers. | ||
Non-Microsoft Cloud Technologies | ||||
AWS Web Services Objective: CIS AWS Web Service Assessment | AWS Compute Services Objective: CIS AWS Compute Service Assessment | AWS Database Services Objective: CIS AWS Web Database Assessment | AWS Storage Services Objective: CIS AWS Storage Service Assessment | AWS End User Compute Objective: CIS AWS End User Compute Service Assessment |
Non-Microsoft Infra. Technologies | ||||
VMWare ESXi 8.0 Objective: Perform a complete CIS Assessment. | Ubuntu Linux 22.04 LTS Objective: Perform a complete CIS Assessment. | Ubuntu Linux 24.04 LTS Objective: Perform a complete CIS Assessment. | Ubuntu Linux 20.04 LTS Objective: Perform a complete CIS Assessment. | CentOS Linux 8 Objective: Perform a complete CIS Assessment. |
Debian Linux 12 Objective: Perform a complete CIS Assessment. | Red Hat Enterprise Linux 9 Objective: Perform a complete CIS Assessment. | NGINX – Redhat-WebServer Objective: Perform a complete CIS Assessment. | NGINX – Redhat-LoadBalancer Objective: Perform a complete CIS Assessment. | NGINX – Redhat-Proxy Objective: Perform a complete CIS Assessment. |
Oracle Database 19c – Oracle Linux Objective: Perform a complete CIS Assessment. | Oracle Database 19c – Oracle Windows Objective: Perform a complete CIS Assessment. | Oracle Database 23AI – Oracle Windows Objective: Perform a complete CIS Assessment. | Oracle Database 23AI – Oracle Linux Objective: Perform a complete CIS Assessment. | Fortigate 7.0 Objective: Perform a complete CIS Assessment. |
MariaDB 10.11 – Ubuntu Objective: Perform a complete CIS Assessment. |
It’s crucial to carry out an advanced assessment before purchasing any monitoring software for Microsoft Active Directory to make sure the tool can keep an eye on all the problems the assessment tool finds—something the SmartProfiler for Active Directory does! Not every assessment tool examines every facet of Active Directory environments. SmartProfiler is designed to uncover issues in On-Premises Active Directory.
Objective is to check all Active Directory Components to ensure they are configured correctly and there is no security risks.
ANSSI, MITRE, MS-RECOMMENDED, CIS
368 Tests from ANSSI, MITRE, Microsoft and CIS
Can run using both Domain Admin or Non-Admin accounts. When executing using Non-Admin account domain controllers tests will be skipped.
SecID is able to connect to PDC of each domain and all default Active Directory ports need to be opened from SecID to domain controllers.
LDAP and RPC Ports with Domain Admin, WinRM needs to be opened.
SmartProfiler for Microsoft 365 Assessment is an automated Health & Risk assessment solution to help you significantly improve your Microsoft 365 ecosystem health & security posture. SmartProfiler for Microsoft 365 Assessment follows CIS-Workbench controls (Version 5.0.0) and other tests designed by our Microsoft 365 experts. Services covered: MSOnline, EXO, Teams, SharePoint, OneDrive, and Azure AD.
The Microsoft 365 CIS Assessment is a security evaluation designed to help organizations assess their Microsoft 365 environment against the Center for Internet Security (CIS) Microsoft 365 Security Benchmark. This benchmark provides a set of security best practices to ensure the proper configuration and protection of Microsoft 365 services, helping organizations mitigate risks and safeguard sensitive data in a cloud-based, collaborative environment.
The assessment focuses on several key areas:
By conducting the Microsoft 365 CIS Assessment, organizations can identify gaps in their security posture, implement recommended best practices, and ensure that their Microsoft 365 environment is securely configured. This proactive assessment helps reduce the risk of security breaches, improve data protection, and align Microsoft 365 deployments with industry-leading security standards, ensuring a safe and compliant environment for collaboration and productivity.
Objective is to check all Microsoft 365 Services including SharePoint, ExchangeOnline, OneDrive, Teams, Defender and other services.
CIS, NIST
234 Tests from CIS and SmartProfiler tests designed by our M365 Experts.
SecID is connected to Internet to be able to connect to Microsoft 365 Cloud.
SecID for M365 can be executed using both Global Admin or Global Reader account. Global Reader accounts need to be added to four M365 roles: Compliance Administrator, Compliance Data Administrator, Global Reader and Sharepoint Administrator.
Objective is to check all Azure Services including Infrastructure, Compute, Storage, Database and End User Computing.
CIS, NIST
139 Tests from CIS and SmartProfiler tests designed by our Azure Experts.
Entra App with necessary Read-Only permissions to connect to Azure Tenant and execute tests. For list of permissions please check here
The Azure Database CIS Assessment helps organizations evaluate their database configurations against the CIS Azure Foundations Benchmark. It focuses on identifying misconfigurations, enforcing security best practices, and ensuring compliance with industry standards.
Key areas covered include:
Access Control: Verifying authentication, firewall rules, and role-based permissions.
Data Protection: Checking encryption settings and secure backups.
Monitoring & Logging: Ensuring auditing is enabled for visibility and threat detection.
Configuration Compliance: Validating database settings against CIS recommendations.
SmartProfiler automates this assessment, providing detailed reports with impact analysis and actionable remediation steps to strengthen your database security posture.
Objective is to check all Azure Services including Infrastructure, Compute, Storage, Database and End User Computing.
CIS, NIST
28 Tests from CIS.
Entra App with necessary Read-Only permissions to connect to Azure Tenant and execute tests. For list of permissions please check here
The Azure Storage CIS Assessment evaluates the security configuration of Azure Storage accounts based on the CIS Azure Foundations Benchmark. It helps identify misconfigurations, enforce best practices, and ensure compliance with cloud security standards.
Key areas covered include:
Access Management: Validating authentication methods, shared access signatures (SAS), and RBAC.
Data Protection: Ensuring encryption at rest and in transit is enabled.
Network Security: Checking firewall rules, private endpoints, and public access settings.
Logging & Monitoring: Verifying that logging, diagnostics, and access monitoring are properly configured.
Configuration Compliance: Auditing settings for blobs, file shares, queues, and tables.
SmartProfiler automates the assessment and provides actionable insights with detailed reporting, helping organizations improve their Azure Storage security posture and align with CIS best practices.
Objective is to check all Azure Services including Infrastructure, Compute, Storage, Database and End User Computing.
CIS, NIST
64 Tests from CIS.
Entra App with necessary Read-Only permissions to connect to Azure Tenant and execute tests. For list of permissions please check here
The Azure Compute CIS Assessment focuses on evaluating the security posture of Azure virtual machines and related compute resources against the CIS Azure Foundations Benchmark. It helps identify vulnerabilities, enforce best practices, and ensure compliance with industry security standards.
Key areas covered include:
Identity & Access Control: Verifying VM access policies, including RBAC, SSH key usage, and password policies.
Configuration Management: Auditing VM settings, OS configurations, and ensuring secure baseline images.
Network Security: Checking NSGs, public IP exposure, and inbound/outbound access rules.
Monitoring & Logging: Ensuring diagnostics, boot logs, and activity logging are properly enabled.
Patch & Update Management: Validating update policies to minimize risk from unpatched vulnerabilities.
SmartProfiler automates this assessment and delivers detailed reports with prioritized remediation steps, enabling organizations to strengthen their compute environment and align with CIS best practices.
Objective is to check all Azure Services including Infrastructure, Compute, Storage, Database and End User Computing.
CIS, NIST
55 Tests from CIS.
Entra App with necessary Read-Only permissions to connect to Azure Tenant and execute tests. For list of permissions please check here
The Azure Entra ID CIS Assessment is a security evaluation designed to help organizations assess their Azure Active Directory (Azure AD) environment against the Center for Internet Security (CIS) Azure AD Security Benchmark. This benchmark outlines a set of best practices and security controls to ensure the secure configuration of identity and access management in Azure AD, helping organizations protect their users, applications, and sensitive data from unauthorized access and potential security threats.
The assessment focuses on several key areas:
By conducting the Azure Entra ID CIS Assessment, organizations can identify security gaps, mitigate risks associated with misconfigurations, and ensure their Azure AD environment aligns with industry-leading security practices. This proactive approach helps safeguard the identity management infrastructure, reduce the attack surface, and strengthen overall security posture in Azure Active Directory environments.
Objective is to check all Microsoft 365 Services including SharePoint, ExchangeOnline, OneDrive, Teams, Defender and other services.
CIS, NIST
31 Tests from SmartProfiler tests designed by Entra ID experts.
Entra App with necessary Read-Only permissions to connect to Azure Tenant and execute tests. For list of permissions please check here
The Microsoft Azure Infrastructure CIS Assessment provides a comprehensive evaluation of core Azure infrastructure components, aligning configurations with the CIS Azure Foundations Benchmark. It helps organizations detect misconfigurations, reduce security risks, and maintain compliance with industry best practices.
Key areas assessed include:
Identity & Access Management: Auditing Azure AD, role assignments, MFA enforcement, and privileged access.
Network Architecture: Evaluating virtual networks, NSGs, firewalls, and traffic flow for segmentation and isolation.
Resource Security: Ensuring secure configuration of critical services like virtual machines, storage, and databases.
Monitoring & Auditing: Verifying logging, diagnostics, and security center integration for visibility and response.
Governance & Compliance: Assessing policies, blueprints, and management group configurations for regulatory alignment.
SmartProfiler automates the assessment process, delivering detailed reports with impact analysis and actionable recommendations to harden your Azure infrastructure and meet CIS standards.
Objective is to check all Microsoft 365 Services including SharePoint, ExchangeOnline, OneDrive, Teams, Defender and other services.
CIS, NIST
31 Tests from SmartProfiler tests designed by Entra ID experts.
Entra App with necessary Read-Only permissions to connect to Azure Tenant and execute tests. For list of permissions please check here
The InTune iOS CIS Assessment is a security evaluation designed to help organizations assess their Microsoft Intune configuration for iOS devices against the Center for Internet Security (CIS) Mobile Device Security Benchmark for iOS. This benchmark provides a set of best practices to ensure that iOS devices managed through Intune are securely configured, compliant with industry standards, and protected against security threats.
The assessment focuses on the following key areas:
By conducting the InTune iOS CIS Assessment, organizations can evaluate and strengthen their device management posture, ensure their iOS devices meet CIS security standards, and reduce the risk of security breaches, data loss, or unauthorized access. This proactive approach helps organizations enforce consistent security practices and maintain control over their mobile device environment.
Objective is to check:
CIS, NIST
61 Tests from CIS and SmartProfiler tests designed by our M365 Experts.
The InTune iOS CIS Assessment is a security evaluation designed to help organizations assess their Microsoft Intune configuration for iOS devices against the Center for Internet Security (CIS) Mobile Device Security Benchmark for iOS. This benchmark provides a set of best practices to ensure that iOS devices managed through Intune are securely configured, compliant with industry standards, and protected against security threats.
The assessment focuses on the following key areas:
By conducting the InTune iOS CIS Assessment, organizations can evaluate and strengthen their device management posture, ensure their iOS devices meet CIS security standards, and reduce the risk of security breaches, data loss, or unauthorized access. This proactive approach helps organizations enforce consistent security practices and maintain control over their mobile device environment.
Objective is to check:
CIS, NIST
61 Tests from CIS and SmartProfiler tests designed by our M365 Experts.
The Intune Windows 10 CIS Assessment helps organizations evaluate their Microsoft Intune configuration for Windows 10 devices against the Center for Internet Security (CIS) benchmarks. These benchmarks offer best practices to ensure Windows 10 endpoints are securely configured, compliant with industry standards, and protected from modern threats.
Key focus areas include:
Device Enrollment & Authentication: Ensuring secure onboarding with options like multi-factor authentication (MFA) and identity protection.
Endpoint Protection Policies: Applying settings for antivirus, firewall, and BitLocker encryption to safeguard devices and data.
Configuration Profiles: Enforcing password policies, screen lock, and user restrictions to minimize risk and unauthorized access.
Application Control: Managing software installations, blocking unapproved apps, and using Microsoft Defender Application Control (MDAC).
Compliance & Monitoring: Continuously tracking device health and compliance status to detect and respond to security issues.
By using the Intune Windows 10 CIS Assessment, organizations can strengthen their security posture, reduce attack surfaces, and maintain compliance with CIS guidelines — helping ensure a well-protected Windows 10 environment.
Objective is to check:
CIS, NIST
411 Tests from CIS for Windows 10 Intune
Entra App with necessary Intune Device Management and Config Management permissions. Read-Only permissions are required.
The CIS (Center for Internet Security) Microsoft IIS Server Benchmark provides a set of best practices to secure Internet Information Services (IIS) servers. This assessment focuses on ensuring that IIS configurations are hardened against vulnerabilities, mitigating risks related to unauthorized access, data breaches, and system misconfigurations. The key areas covered include:
Following the CIS Benchmark for IIS can significantly reduce the attack surface of web servers, helping organizations maintain a more secure environment and comply with industry best practices and regulatory requirements.
Objective is to check all IIS Server Settings according to CIS Benchmark recommended for Microsoft IIS environments. Multiple IIS Servers are supported.
CIS, NIST
219 Tests from CIS and SmartProfiler tests designed by our M365 Experts.
The CIS VMware ESXi 8.0 Benchmark v1.1.0 provides a comprehensive set of best practices to secure VMware ESXi hosts, focusing on hardening the underlying virtualization platform. This assessment is designed to reduce vulnerabilities, strengthen configurations, and mitigate risks in virtualized environments. Key areas of focus in the CIS assessment include:
By adhering to the CIS VMware ESXi 8.0 v1.1.0 Benchmark, organizations can ensure that their ESXi hosts are securely configured, reducing the risk of breaches and maintaining a robust, compliant virtualized environment.
Objective is to check all CIS Settings recommended for ESXi hosts. Multiple ESXi Hosts are supported.
CIS, NIST
219 Tests from CIS and SmartProfiler tests designed by our M365 Experts.
The AWS Complete CIS v3.0.0 Assessment refers to a comprehensive evaluation of an AWS environment based on the Center for Internet Security (CIS) AWS Foundations Benchmark, version 3.0.0. This benchmark provides a set of best practices to secure AWS environments, focusing on key areas such as identity and access management, logging, monitoring, networking, and data protection.
By performing a CIS assessment, organizations can systematically review their AWS configurations to identify gaps, enhance security, and reduce risks. The assessment process typically includes automated checks, manual reviews, and alignment with CIS recommendations to ensure that cloud resources are secure, compliant, and follow industry best practices.
This process is crucial for improving the overall security posture of AWS environments, ensuring compliance with regulatory standards, and mitigating potential vulnerabilities.
Objective is to check all CIS Settings recommended for Amazon Web Services.
CIS, NIST
279 Tests from CIS and SmartProfiler tests designed by our AWS Security Experts.